Security News > 2020 > December
A high-severity Windows zero-day that could lead to complete desktop takeover remains dangerous after a "fix" from Microsoft failed to adequately patch it. The local privilege-escalation bug in Windows 8.1 and Windows 10 exists in the Print Spooler API. It could allow a local attacker to elevate privileges and execute code in the context of the current user, according to Microsoft's advisory issued in June.
HelpSystems, a Minneapolis, Minnesota-based software company, announced on Wednesday that it has acquired cloud-based data protection solution provider Vera for an undisclosed amount. Vera offers a platform that enables developers to build encryption, tracking, policy enforcement, secure file transfer and access control into applications.
A Vermont-based hospital network is now saying a cyberattack that crippled its computer systems in October was ransomware. While the Burlington-based University of Vermont Health Network, which serves hospitals in Vermont and upstate New York, had said its systems were attacked on Oct. 28, officials had not confirmed the attack that disabled the system's 600 applications was ransomware.
Sangoma disclosed a data breach after files were stolen during a recent Conti ransomware attack and published online. Yesterday, the Conti ransomware gang published on their data leak site over 26 GB of data that was stolen from Sangoma during the recent cyberattack.
China's spies "were actively using that for counterintelligence and offensive intelligence. The capability was there and was being utilized." China had also stepped up its hacking efforts targeting biometric and passenger data from transit hubs. To be sure, China had stolen plenty of data before discovering how deeply infiltrated it was by U.S. intelligence agencies.
How do you go from neuroscientist to DEFCON Social Engineering Capture the Flag champ? Find out from hacker and social engineering expert Rachel Tobac! Join us for a fascinating interview with Rachel about her journey, why you should always be "politely paranoid", and the people who inspired her along the way.
North Korean nation-state hackers tracked as the Lazarus Group have recently compromised organizations involved in COVID-19 research and vaccine development. After slithering into their network, the North Korean state hackers deployed Bookcode and wAgent malware with backdoor capabilities.
In order to defeat these cyber bad guys, security pros and AI should focus on what they do best. AI is markedly better at security-threat detection if clear guidelines can be turned into training data for AI. "For instance, if there are guidelines on certain kinds of IP addresses or websites that are known for being the source of malicious malware activity, the AI can be trained to look for them, take action, learn from this, and become smarter at detecting such activity in the future," writes Sivaraman.
Google is experimenting with increased storage for the browser cache to reduce the performance hit caused by the recently added partitioned cache feature. To prevent these side-channel attacks, Google added a new feature to Chrome 85 that partitions the browser's disk cache so that each site utilizes its own cache that cannot be read by other sites.
The NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members' personal information. NetGalley is a website that allows authors and publishers to promote digital review copies of their books to book advocates, influential readers, and industry professionals in the hopes that they will recommend the books to their audience.